Google flags up dodgy sites

Google has started warning people when search results could potentially lead them to malicious code.

The search giant is using data from the Stop Badware Coalition to flag sites that are potentially host to malicious software. Google, along with Sun Microsystems and Chinese PC maker Lenovo, announced support for the group in January.

People who attempt to go to a website that has been identified as risky by the coalition are taken to a warning page.

The page states in bold type: "Warning - the site you are about to visit may harm your computer!", then suggests users can "learn more about malware and how to protect yourself at StopBadware.org".

The interrupt page suggests users can try returning to the search page and choosing a different result, trying another search, or they can continue to the potentially malicious site.

John Palfrey, a professor at the Harvard Law School and one of the driving forces behind the effort, said: "We're not going to say don't do it. What we want to do is basically give people some more information about what might happen to their computer."

Harvard has teamed up with Oxford University to provide much of the manpower for the coalition's web-monitoring effort. People can report sites that have malicious code on them, and then a human checks the report before any sites are flagged, Palfrey said.

Palfrey likens the effort to a "Neighbourhood Watch" programme. Sites in question are not removed from search engines but the idea is that users are warned of potential problems. Although the Stop Badware Coalition has been working closely with Google, Palfrey said he would like to see other search engines tap its watch list as well.

He said: "We very much encourage other search engines to join and use the data in the same way. We're quite open."

A Google representative was not immediately available for comment.

Stopbadware.org is one of a number of coalitions aiming to stop the spread of malicious code. Initially, the group was focused on merely identifying bad programs but not necessarily which sites distributed the code.

Palfrey said: "The initial idea was to say that law in the ordinary sense of the word has not been doing a good job with these highly distributed problems - spyware or viruses or spam."

Ina Fried writes for CNET News.com